IAM policies are sets of JSON code that are based on allow and deny. Here, we define actions associated with a specific service, which will be either allowed or denied.
Let's take an example. My group went on a trip where we took lots of photographs and videos. We wanted to store them in an S3 bucket (named manali-trip-2017) and give access to IAM users so that all other members can access this bucket to download and upload the pictures and videos. And, later on, we want to create a web application that can display all these pictures to users.
For this, I created an S3 bucket, and created an IAM user who has permission to access the specific bucket:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1511326932281", "Action": ...